lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <da15e23f0411191323556daf97@mail.gmail.com>
From: wesleymcgrew at gmail.com (Robert Wesley McGrew)
Subject: Why is IRC still around?

On Fri, 19 Nov 2004 12:40:26 -0500, Danny <nocmonkey@...il.com> wrote:
> Well, it sure does help the anti-virus (anti-malware) and security
> consulting business, but besides that... is it not safe to say that:
> 
> 1) A hell of a lot of viruses/worms/trojans use IRC to wreck further havoc?

If you mean botnets that gather on IRC as a control channel, I believe
IRC is used because it's a relatively simple protocol to code to. It'd
be just as easy, arguably easier, to use some other protocol. Check
out steele's writeup on a web based botnet of proxies:

http://lowkeysoft.com/proxy/

The screenshots at least will give you some idea of how effective a
web control channel can be.  Do you plan on coming back in two or
three years to post "Why is HTTP still around?"

> 2) A considerable amount of "script kiddies" originate and grow through IRC?

A lot of us originated and grew through IRC, and I'll give it to you
that it's a good playground for the kiddies to play in, but I don't
really see how any other communication channel would have prevented
this.  Most of the kids of today and tommorow are probably coming up
through web forums and such anyways.  2 years: "Why is phpBB still
around?"

> 3) A wee bit of software piracy occurs?

I'll hand this one to you too, but the actual transfers go from client
to client, not through the IRC servers.  Surely this isn't any more
insidious than meeting up in some other chat protocol or web site to
transfer files from one person to another.  Compare to bittorrent
where public websites can post a torrent, and hundreds of people who
wouldn't have a clue as to how to join an IRC channel can distribute a
file with surprising efficiency, both downloading and uploading
segments to each other in an automated way.

> 4) That many organized DoS attacks through PC zombies are initiated through IRC?

See 1)

> 5) The anonymity of the whole thing helps to foster all the illegal
> and malicious activity that occurs?

If you're not connecting through a proxy/3rd party system in some way,
then your anonymity on IRC is probably not as high as you might think.

> The list goes on and on...
> 
> Sorry to offend those that use IRC legitimately (LOL - find something
> else to chat with your buddies), but why the hell are we not pushing
> to sunset IRC?

Because (assuming that you could somehow stop people from running IRC
servers, which I would love to hear how) in two years we'd have to
sunset another protocol that people used as a anonymous hangout/warez
trading/malware control channel.

> What would IT be like today without IRC (or the like)? Am I narrow
> minded to say that it would be a much safer place?

I don't believe it'd be much safer.  The same things that make IRC a
nice protocol for script kiddies are the same things that make it a
nice simple tool for communication for legitimate purposes.  I believe
that anything that would prove to be as nice of a chat setup for
legitimate users, would be just as convenient for illegitimate
purposes.

-- 
Robert Wesley McGrew
http://cse.msstate.edu/~rwm8/


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ